The paranoia of quantum computing is creating a new industry.

Although there are no quantum computers yet, security companies are already preparing to protect against them.

Fear helps make sales in the field of computer security. At the end of 2015, the Security Innovation company from Massachusetts suddenly received support from one of the most terrible offices - the NSA.

For six years, the company tried to create a new revenue line, licensing the unusual NTRU encryption technology acquired from four mathematicians from Brown University. It was invented in response to the powerful capabilities for cracking codes attributed to quantum computers, but there was little interest in the development, since there are no such computers yet and it is not expected in the near future.

Then the NSA warned that in the light of progress in the field of quantum computing, encryption that protects online transactions, banking and the like, should be replaced as soon as possible with something that is protected from quantum computers. “And from that moment on, we no longer needed to convince people of the reality of the threat,” says Gene Carter, director of product management at Security Innovation. "Now people call for help."

Security Innovation has become part of a small, but rapidly growing industry that helps organizations make plans for the upcoming cryptoarmageddon.
')
Apparently, the emergence of quantum computers capable of hacking into any types of encryption, on which modern society relies, will have to wait for many more years. Cryptographers agree that the currently proposed “quantum protected” systems, including the NTRU, need further refinement. But the potential chaos that quantum computers can bring, and the sobering statements of government agencies such as the NSA, have already led to a sense of urgency that could create a new market.

The National Institute of Standards and Technology proclaimed that government agencies should be ready for “post-quantum” encryption by 2025. Security Innovation and several of its competitors say that they already have clients exploring the possibility of upgrading systems to a quantum-protected state, and even experimenting with some similar encryption schemes.

One of the companies in the business of preparing for the quantum world is Atos. It provides IT services, costs several billion dollars, and its headquarters is located in France. Frederick Curling, the manager in this area, believes that companies dealing with important data need a head start in such a huge task of updating their infrastructure.

“Encryption is hidden in all parts of organizations, in hardware and software, and in order to update it, you need to know where it is located,” he says. Although helping companies plan the transition to the era of quantum computing is a niche business, Curling believes that over the next few years it will only grow. “Awareness on this issue is growing,” he says.

Google and Microsoft have recently increased their investment in quantum computer research. Curling says that the IBM project, which placed the quantum chip online last year, helped convince many of the directors of the organizations with whom he communicated the need to consider the new technology in terms of its impact on security.

Many of the world's techno-companies are working to create new forms of encryption that can withstand future quantum computers. Cisco and Amazon are involved in the study of this issue by groups that develop European and international standards. Microsoft tested the “anti-quantum” encryption option for web pages. Google is testing the post-quantum algorithm "New Hope" (New Hope) in the Chrome browser.

Cryptographer Bruce Schneier [Bruce Schneier], director of technology at Resilient Systems, an information security company owned by IBM, says research and effort by government agencies in this area is vital. But he does not believe that the company should now begin to plan its work in the era of quantum computers. “I think it's a bit early,” he says. “Companies should not think about it yet.”

Michele Mosca, co-founder of the Institute of Quantum Computing at the University of Waterloo in Canada, and co-founder of the company engaged in post-quantum security, EvolutionQ, believes that it’s not too early to start doing this for companies that process data that has been stored for quite some time, for example medical or financial records.

Such companies need to consider the risk of capturing encrypted data by their rivals, and storing them until quantum computers fail to decipher them, Mosca says. And if some companies today do not begin to participate in the complex public process of updating encryption, the industry will not be able to quickly introduce post-quantum encryption when it is allowed by government agencies.

Mosca gives one chance out of seven that by 2026 someone, most likely, in any state, will have a quantum computer capable of breaking the encryption used today for critical data. “Usually, the industry just waits for a catastrophe, and then fixes it all with big risks,” he says.